Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump tornado from 6.2 to 6.3.3 in /Documentation #27497

Merged
merged 2 commits into from
Aug 23, 2023
Merged

build(deps): bump tornado from 6.2 to 6.3.3 in /Documentation #27497

merged 2 commits into from
Aug 23, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 14, 2023
edited

Bumps tornado from 6.2 to 6.3.3.

Changelog

Sourced from tornado's changelog.

Release notes

.. toctree:: :maxdepth: 2

releases/v6.3.3 releases/v6.3.2 releases/v6.3.1 releases/v6.3.0 releases/v6.2.0 releases/v6.1.0 releases/v6.0.4 releases/v6.0.3 releases/v6.0.2 releases/v6.0.1 releases/v6.0.0 releases/v5.1.1 releases/v5.1.0 releases/v5.0.2 releases/v5.0.1 releases/v5.0.0 releases/v4.5.3 releases/v4.5.2 releases/v4.5.1 releases/v4.5.0 releases/v4.4.3 releases/v4.4.2 releases/v4.4.1 releases/v4.4.0 releases/v4.3.0 releases/v4.2.1 releases/v4.2.0 releases/v4.1.0 releases/v4.0.2 releases/v4.0.1 releases/v4.0.0 releases/v3.2.2 releases/v3.2.1 releases/v3.2.0 releases/v3.1.1 releases/v3.1.0 releases/v3.0.2 releases/v3.0.1 releases/v3.0.0 releases/v2.4.1 releases/v2.4.0 releases/v2.3.0 releases/v2.2.1 releases/v2.2.0

... (truncated)

Commits
  • e4d6984 Merge pull request #3307 from bdarnell/branch6.3
  • 6a9e6fb ci: Don't test py312 in branch6.3
  • 5c8a9a4 Set version to 6.3.3
  • 7dfe8b5 httpserver_test: Add ExpectLog to fix CI
  • 217295b http1connection: Make content-length parsing more strict
  • e3aa6c5 Merge pull request #3267 from bdarnell/branch6.3
  • 34f5c1c Version 6.3.2
  • 32ad07c web: Fix an open redirect in StaticFileHandler
  • e0fa53e Merge pull request #3257 from bdarnell/build-workflow-wstest-warning
  • f5a1d5c ci: Only run pypi actions from the main repo
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot requested a review from a team as a code owner August 14, 2023 23:07
@dependabot dependabot bot requested a review from zacharysarah August 14, 2023 23:07
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Aug 14, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Aug 14, 2023
@github-actions github-actions bot added the kind/community-contribution This was a contribution made by a community member. label Aug 14, 2023
zacharysarah
zacharysarah approved these changes Aug 14, 2023
View reviewed changes
Copy link
Contributor

@zacharysarah zacharysarah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@zacharysarah zacharysarah added the release-note/ci This PR makes changes to the CI. label Aug 14, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Aug 14, 2023
@joestringer
Copy link
Member

joestringer commented Aug 23, 2023
edited

Failed docs-builder build:

 > [docs-builder 2/3] RUN pip install -r /tmp/requirements.txt:
8.899 Collecting sphinxcontrib-jsmath==1.0.1
8.902   Downloading sphinxcontrib_jsmath-1.0.1-py2.py3-none-any.whl (5.1 kB)
8.914 Collecting sphinxcontrib-qthelp==1.0.3
8.918   Downloading sphinxcontrib_qthelp-1.0.3-py2.py3-none-any.whl (90 kB)
8.933 Collecting sphinxcontrib-serializinghtml==1.1.5
8.937   Downloading sphinxcontrib_serializinghtml-1.1.5-py2.py3-none-any.whl (94 kB)
9.019 ERROR: Could not find a version that satisfies the requirement tornado==6.3.3
9.019 ERROR: No matching distribution found for tornado==6.3.3
9.027 WARNING: You are using pip version 21.0.1; however, version 23.2.1 is available.
9.027 You should consider upgrading via the '/usr/local/bin/python -m pip install --upgrade pip' command.

Seems to be available though, not sure what's going on: https://pypi.org/project/tornado/#history

@joestringer
Copy link
Member

@dependabot rebase

@dependabot
build(deps): bump tornado from 6.2 to 6.3.3 in /Documentation
52acec1 
Bumps [tornado](https://github.com/tornadoweb/tornado) from 6.2 to 6.3.3.
- [Changelog](https://github.com/tornadoweb/tornado/blob/master/docs/releases.rst)
- [Commits](tornadoweb/tornado@v6.2.0...v6.3.3)

---
updated-dependencies:
- dependency-name: tornado
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/pip/Documentation/tornado-6.3.3 branch from 391ee79 to 52acec1 Compare August 23, 2023 03:50
@dependabot dependabot bot temporarily deployed to docs-builder August 23, 2023 03:51 Inactive
@dependabot dependabot bot temporarily deployed to docs-builder August 23, 2023 04:03 Inactive
ci: update docs-builder
146eabc 
Signed-off-by: Cilium Imagebot <noreply@cilium.io>
@auto-committer auto-committer bot requested review from a team as code owners August 23, 2023 05:57
@auto-committer auto-committer bot temporarily deployed to docs-builder August 23, 2023 05:57 Inactive
@zacharysarah
Copy link
Contributor

@dependabot rebase

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 23, 2023

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@joestringer
Copy link
Member

/test

@joestringer
Copy link
Member

@zacharysarah the PR seems to be rebased now and it's looking like CI should be passing. Curious what you had in mind when asking dependabot to rebase earlier? Is there still some issue you see with the PR?

@zacharysarah
Copy link
Contributor

@joestringer The branch shows as out-of-date for me, so I attempted to bring it current by rebase. I don't see any issues otherwise.

@joestringer
Copy link
Member

@zacharysarah OK. Given the velocity of the Cilium project, PRs will almost always be "out-of-date" with respect to the base branch, so I don't think it's worth always rebasing. Rebasing also invalidates CI results, which means that we have to re-run CI, and it's not uncommon that by the time CI runs, the branch is out of date again.

In general if you're aware of a reason to rebase, such as direct conflicts, or related changes that likely impact the behaviour of the PR, then it may be worth rebasing. Or if you're working on a change and addressing feedback, then rebase. Or maybe once a week if the PR is not merged by then.

There is always a chance that the "out-of-date" may introduce a conflict that breaks the tree in some way, and we currently just deal with that as conflicts are introduced. We're also exploring whether merge queues may assist with mitigating this risk.

For context, in the case above, I rebased just because it seemed like maybe there was an issue with out-of-date CI workflows, so I figured that rebasing might resolve the failures.

@joestringer joestringer mentioned this pull request Aug 23, 2023
Open
@joestringer
Copy link
Member

Filed #27672 for the failure, it's clearly unrelated to the change here.

@joestringer joestringer merged commit 2cdeb6a into main Aug 23, 2023
200 of 202 checks passed
@joestringer joestringer deleted the dependabot/pip/Documentation/tornado-6.3.3 branch August 23, 2023 20:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zacharysarah zacharysarah zacharysarah approved these changes

@viktor-kurchenko viktor-kurchenko viktor-kurchenko approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file kind/community-contribution This was a contribution made by a community member. python Pull requests that update Python code release-note/ci This PR makes changes to the CI.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@joestringer @zacharysarah @viktor-kurchenko